In the context of IAM roles for Amazon EC2, which of the following NOT true about delegating permission to make API requests? A. You cannot create an IAM role. B. You can have the application retrieve a set of temporary credentials and use them. C. You can specify the role when you launch your instances. D. You can define which accounts or AWS services can assume the role.  Suggested Answer: A Community Answer: A Amazon designed IAM roles so that your applications can securely make API requests from your instances, without requiring you to manage the security credentials that the applications use. Instead of creating and distributing your AWS credentials, you can delegate permission to make API requests using IAM roles as follows: Create an IAM role. Define which accounts or AWS services can assume the role. Define which API actions and resources the application can use after assuming the role. Specify the role when you launch your instances. Have the application retrieve a set of temporary credentials and use them. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html This question is in SAP-C01 AWS Certified Solutions Architect – Professional Exam For getting AWS Certified Solutions Architect – Professional Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer